As explained above, the inventive communication system and the communication 
temiinal and portable electronic device used in it provide the following sort of effects. 

(1) By carrying around a portable electronic device with an organism recognition 
device according to the present invention, the user becomes able to use any communication 
terminal having a network communication function anywhere to communicate safely with a 
required resource on the Internet while performing a VPN connection or security check. 
Therefore it is possible to communicate using the best useable communication means while 
maintaining one's own secmity policy at the necessary location without being limited to the 
security set by the circuit provider. 

(2) It is not necessary to keep information that threatens security in the 
communication terminal; VPN connection and personal firewall settings, virus check settings, 
and other communication setting information that pertains to security is encrypted and kept in 
the portable electronic device, so the risk of setting information leaking to an outside third 
party is greatly reduced. 

(3) The load on communication terminals occasioned by security checks is 
reduced, and one can expect improvement in the performance of other processing. 

(4) In connection with (2) above, in ordinary use it is essentially unnecessary for 
the user himself to become involved in operating VPN client software, etc. Also, it becomes 
possible to make accessing the setting information a restricted task using encryption means 
that only a network administrator can use, thereby greatly reducing the risk of someone 
carelessly altering the client software's setting information. As a result, one can expect the 
result of reducing a network administrator's work and a company's administrative costs. 

(5) An individual can carry the inventive portable electronic device as an ID, and 
can save VPN software that works with that ID, a personal firewall, virus check software, and 
connection-related communication setting information. By doing so, the company that 
loaned the device does not have to do tasks such as installing VPN client software in a newly 
used communication device or making settings for VPN connection when an employee/user 
is moved to a different post or when replacing communication devices such as the PC that is 
being used. All that is needed is to ensure a communication interface with the relevant token, 
so the network administrator's work is greatly reduced. 

(6) In connection with the aforesaid ID, by linking the inventive scheme with 
software such as security software, etc. it becomes possible to authenticate a person using an 
organism recognition device, check license information by issuing the ID to a network server 
after authentication, provide an update function for software installed in the token after the 
license check, etc. This can be reliably done vis-a-vis the person carrying the device, not vis- 
4-vis the terminal. 

(7) If the specifications of a communication terminal are such that it cannot 
provide the application or communication software functions that are being used, instead of 
buying a new communication terminal it is possible to switch only the required 
communication processing ability to another distributed processing device and to carry 
around this sort of distributed processing device; therefore one can always have a stable 
communication environment without carrying aroimd the terminal itself. 

CLAIMS 

1 . A communication system comprising: 

A commimication terminal comprising a network connection means, and 

A portable electronic device capable of communicating with the communication 

terminal; 
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Said communication temiinal comprises a virtual network switch that can forcibly 
alter the destination of data transmitted to and from a network connected via said network 
connection means; 

Said portable electronic device comprises a security ensuring means for ensuring 
communication security to and from said network using said communication terminal; and 

Said communication terminal transmits data to and from said network via said virtual 
network switch and said portable electronic device's said security ensuring means. 

2. A conununication system according to claim 1, wherein said security ensuring means 
includes at least one of a VPN means, virus removal means, and firewall means. 

3. A communication system according to claim 1 or claim 2, wherein said virtual 
network switch is a virtual IP switch incorporated into the network layer in the OSI 7-layer 
model in TCP/IP, the standard Internet protocol, and 

The virtual IP switch transfers packets received from said network to a higher 
transport layer or to said portable electronic device according to preset parameters, and 
returns packets from the portable electronic device to a higher transport layer or to said 
network that was the transmission source according to preset parameters. 

4. A communication system according to claim 1, claim 2, or claim 3, wherein checking 
the security of said conunimication terminars storage medium and applications is performed 
by said portable electronic device's said security ensuring means via said virtual network 
switch. 

5. A conmiunication according to any of claims 1 through 4, wherein said portable 
electronic device comprises an organism recognition device such as a fingerprint sensor, etc., 
an organism information storage unit in which organism information is prestored and held, 
and an authentication means for permitting access to said network via said communication 
terminal by comparing organism information read by said organism recognition device 
against organism information stored in said organism information storage unit. 

6. Said communication terminal comprising said virtual network switch as described in 
any of claims 1 through 5. 

7. Said portable electronic device as described in any of claims 1 through 5. 

8. A commxmication system comprising: 

A communication terminal comprising a network connection means, and 
A portable electronic device capable of conununicating with the conunimication 
terminal; 

Said communication terminal comprises a security ensuring means for ensuring 
conunimication security to and from a network; and 

Said portable electronic device comprises a communication setting information 
storage unit that stores and holds communication setting information needed for 
communication with said network via said security ensuring means, an organism recognition 
device such as a fingerprint sensor, etc., an organism information storage unit in which 
organism information is prestored and held, and an authentication means for comparing 
organism information read by said organism recognition device against organism information 
stored in said organism information storage unit. 



8 



9. A communication system according to claim 8, wherein said security ensuring means 
includes at least one of a VPN means, virus removal means, and firewall means. 

10. Said portable electronic device as described in claim 8 or claim 9. 
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